I have a unreliable VPN tunnel I am trying to diagnose. I have a Cisco 1801 ISR at a customer site that has a private IP address assigned to it's outside interface. The other end of that connection is I am told a DMZ on a watchguard (not my device) and I have been given a 1 to 1 NAT from a public address to my inside address.
I have the VPN tunnel established, but it is unreliable. At what seems to be random intervals the VPN will drop and I cannot re-establish the tunnel until I restart the Cisco 1811 router. The tunnel is terminating on a pair of PIX 525s at our datacenter. I have about a dozen 1801/1811 routers in the field and this is the only one causing problems.
Do I need to do anything special for a device that is behind a NATed interface?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...